New EU Rules Require ISPs, Telcos To Come Clean Within 24 Hours of Data Breaches 70
hypnosec writes "Under new EU regulations ISPs and Telcos serving European customers will have to come clean within 24 hours in case of a security or data breach that leads to theft, loss, or compromise of data. Companies will have to disclose the nature and size of the breach within the first 24 hours. Whenever it's not possible to submit such data, they must provide 'initial information' within the stipulated time and full details within three days. Under the new terms the affected organizations will be required to reveal information such as information that has been compromised and the steps that have been taken or will be taken to resolve the situation. If the breach 'is likely to adversely affect' personal information or privacy, affected businesses and consumers will be notified of the breach."
Re:NSA too? (Score:4, Informative)
that's the point of making them come clean of compromise to the data or get burnt if they get outed by someone.
americans can't do anything about it - but if european operating companies are liable legally in europe about the breaches they will either have to disclose the data compromises to their customers(bad for business) or move the servers inside eu and not share all data(since you know, the european privacy laws are against that).